Python 刚刚在模型中添加了FileField,现在可以';t在http上登录到管理员://
我刚刚在models.py文件中添加了一个FileField模型:Python 刚刚在模型中添加了FileField,现在可以';t在http上登录到管理员://,python,django,ssl,django-models,nginx,Python,Django,Ssl,Django Models,Nginx,我刚刚在models.py文件中添加了一个FileField模型: header\u image=models.FileField(上传到`blog/%Y/%m/%d',null=True,blank=True) 对于本地开发,我已设置了媒体nginx配置,因此local settings.py中的媒体设置为: MEDIA\u ROOT=os.path.abspath(os.path.join(BASE\u DIR,../../app/MEDIA')) 媒体http://local-media-
header\u image=models.FileField(上传到`blog/%Y/%m/%d',null=True,blank=True)
对于本地开发,我已设置了媒体nginx配置,因此local settings.py中的媒体设置为:
MEDIA\u ROOT=os.path.abspath(os.path.join(BASE\u DIR,../../app/MEDIA'))
媒体http://local-media-david.ingledow.co.uk/“
当我尝试登录到管理员或从管理员上传文件时,出现以下错误:
Forbidden (403)
CSRF verification failed. Request aborted.
Referer checking failed - http://local-david.ingledow.co.uk/admin/ does not match https://local-david.ingledow.co.uk/.
我的本地开发管理员位于:
http://local-david.ingledow.co.uk/admin/
让它工作的唯一方法是:
https://local-david.ingledow.co.uk/admin/
(https://)
NGINX配置
文件夹结构
设置:base.py
设置:local.py
从基本导入*
ALLOWED_HOSTS = ['*']
DEBUG = True
SOUTH_TESTS_MIGRATE = False
DATABASES = {
'default': {
'ENGINE': 'django.db.backends.sqlite3',
'NAME': 'app.db',
}
}
STATICFILES_DIRS = (
os.path.join(BASE_DIR, '../../srv/assets'),
)
STATIC_ROOT = os.path.abspath(os.path.join(BASE_DIR, '../../srv/static'))
STATIC_URL = 'http://local-static-david.ingledow.co.uk/'
MEDIA_ROOT = os.path.abspath(os.path.join(BASE_DIR, '../../app/media'))
MEDIA_URL = 'http://local-media-david.ingledow.co.uk/'
这并不理想,因为管理员样式没有查看,而且我总是收到SSL警告
如何设置文件字段模型而不必使用SSL?我必须购买SSL证书吗?您的设置中是否有
CSRF\u COOKIE\u SECURE=True
?@skzryzg恐怕也不行。没有。除非有ssl证书设置,否则不要将其设置为true。让我再看一看yourqestion@skzryzg将其设置为True和False,两者都不起作用。我在上面添加了更多详细信息:Referer检查失败-http://local-david.ingledow.co.uk/admin/ 不匹配https://local-david.ingledow.co.uk/.
我试过这样做:使用\u X\u FORWARDED\u HOST=True
但这也不起作用。
import os
from os import environ
import dj_database_url
BASE_DIR = os.path.dirname(os.path.dirname(__file__))
SECRET_KEY = environ.get(
'SECRET_KEY',
'XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX')
# allow debug to be set from env config
DEBUG = True if environ.get('DEBUG') is True else False
TEMPLATE_DEBUG = True
ALLOWED_HOSTS = ['.herokuapp.com', '.ingledow.co.uk', ]
INSTALLED_APPS = (
'django.contrib.admin',
'django.contrib.auth',
'django.contrib.contenttypes',
'django.contrib.sessions',
'django.contrib.messages',
'django.contrib.staticfiles',
'gunicorn',
'south',
'blog',
'markdown_deux',
'storages',
)
MIDDLEWARE_CLASSES = (
'django.contrib.sessions.middleware.SessionMiddleware',
'django.middleware.common.CommonMiddleware',
'django.middleware.csrf.CsrfViewMiddleware',
'django.contrib.auth.middleware.AuthenticationMiddleware',
'django.contrib.messages.middleware.MessageMiddleware',
'django.middleware.clickjacking.XFrameOptionsMiddleware',
)
ROOT_URLCONF = 'app.urls'
WSGI_APPLICATION = 'app.wsgi.application'
DATABASES = {}
DATABASES['default'] = dj_database_url.config()
LANGUAGE_CODE = 'en-gb'
TIME_ZONE = 'UTC'
USE_I18N = False
USE_L10N = False
USE_TZ = True
SECURE_PROXY_SSL_HEADER = ('HTTP_X_FORWARDED_PROTO', 'https')
STATICFILES_STORAGE = 'django.contrib.staticfiles.storage.StaticFilesStorage'
STATICFILES_FINDERS = (
'django.contrib.staticfiles.finders.FileSystemFinder',
'django.contrib.staticfiles.finders.AppDirectoriesFinder'
)
TEMPLATE_DIRS = (
os.path.join(BASE_DIR, '../templates/'),
)
LOGGING = {
'version': 1,
}
ALLOWED_HOSTS = ['*']
DEBUG = True
SOUTH_TESTS_MIGRATE = False
DATABASES = {
'default': {
'ENGINE': 'django.db.backends.sqlite3',
'NAME': 'app.db',
}
}
STATICFILES_DIRS = (
os.path.join(BASE_DIR, '../../srv/assets'),
)
STATIC_ROOT = os.path.abspath(os.path.join(BASE_DIR, '../../srv/static'))
STATIC_URL = 'http://local-static-david.ingledow.co.uk/'
MEDIA_ROOT = os.path.abspath(os.path.join(BASE_DIR, '../../app/media'))
MEDIA_URL = 'http://local-media-david.ingledow.co.uk/'